Carrying insurance as business is commonplace and depending on what type of business one is involved in there are a myriad of different insurance policies and coverage types that may be used to ensure that the business is protected in the event of some sort of unplanned event. As an increasing number of businesses are falling victim to cyber attack during which sensitive personal data is stolen many businesses are purchasing Data Breach Insurance or Cyber Security Liability Insurance, all depending on which plan a business chooses to protect them in the event of a data breach. So, is this insurance coverage the right thing for your business?

Deciding on whether or not coverage of this sort is something that your business must consider shouldn’t hinge on whether or not data is stored on the Internet. In some cases, data breach insurance covers stolen laptops and computers and even paper files, though it is a coverage aimed at protecting against cyber attack, in general. If your business collects, stores or transmits personal data of others, including employees, or would suffer monetarily in the event of an attack then this coverage is something that should be investigated.

Once a business has decided that further investigation is warranted, the next place to start is with the business’ current insurance coverage plans as some types of data breach events may already be coverage. A small business may find that for its needs the current coverage is sufficient. Following, the business should acquire as many coverage plans as they can and read them thoroughly as to find the coverage that meets their needs. In this case the business will consider the types of attacks that they would be looking to prevent, breach of customer data or distributed denial of service attack, for example. As well as considering the type of the attack, the type of damage covered also needs to be considered: first-party expenses and third-party liabilities. First-party expenses will be the costs to the business in notifying customers of the breach and offering data monitoring services, forensic analysis, boosting bandwidth or even paying an extortionist’s ransom to prevent an attack. Third-party liabilities will be lawsuits brought by customers or employees whose data has been compromised, fines or redress sought by regulators.

Reputational damage and loss of business will probably not be covered by insurance therefore it is important to safeguard the business’ data holdings. Insurance alone will not suffice to cover all potential damage that could arise in the event of a cyber attack.

If your business is evaluating its data security or considering purchasing cyber attack insurance or data breach insurance, then please contact us for assistance with this matter.

SHARE THIS: